Protect Your Dealership From Growing Cyber Liabilities

Data breaches and other malicious activities aren’t going away, but keeping your team prepared for the latest exposures can help lower your business’s risks.

Data breaches. You’ve heard about them in the news and on social media by now. But with the growing complexity of cyber-attacks, do you know if your motorsports dealership is prepared for the full range of risks it could face?

According to the 2020 Cost of Data Breach Report released by IBM, the average total cost of a business data breach is $3.86 million. Even worse, lost business costs account for nearly 40% of that total due to increased customer turnover, lost revenue associated with system downtime and added costs to acquire new business due to a diminished reputation. In short, just one data breach could have detrimental—and lasting—impacts on your dealership.

Below are risks and tips we’ve helped other motorsports dealers with at Sentry. My hope is that you discover at least one new idea to take back to your dealership so that your team can focus on delivering motorsports to customers, with confidence that your data is secure.


Ransomware is malicious software that restricts access to files on an infected machine—usually by encrypting them. An attacker then demands a ransom payment in exchange for restoring access to the files by providing the key to decrypt the data. While ransomware is unpredictable, there are several steps you can take to reduce your dealership’s risks:

  • Ensure that your anti-virus software is up to date
  • Apply vulnerability patches as soon as you’re able and enable automated patches for your operating system, software, firmware, and web browsers.
  • Consider network segmentation.
  • Implement and test a data backup and recovery plan to maintain copies of your sensitive data in a separate and secure location, preferably offline or with a trusted cloud solution.
  • Establish firewall settings that prevent access to known malicious IP addresses.
  • Make sure that backup copies of sensitive data aren’t readily accessible from local networks.
  • Train your employees on how to avoid phishing attempts. Test them frequently to maintain awareness.
  • Enable strong identity and access-management programs with established principles of least privilege, or “need to know.”

If your dealership faces the unfortunate event of a ransomware infection, there are several ways you can respond. First, disconnect any infected machines from your network and contact both law enforcement and your insurance provider immediately.

Next, evaluate the extent of the infection, identify the ransomware type, and determine whether the infected machine was connected to shared or unshared network drives, external hard drives, USBs or cloud-based storage. You’ll also want to check for any registries or file listings created by the ransomware.

Finally, clean the ransomware from your systems, reinstall the operating system, and restore it from a reliable backup. A well-organized backup plan is one of the best countermeasures your dealership can take against ransomware.

Fraudulent impersonation

Another rising issue many motorsports dealers face is fraudulent impersonation. This can happen when a vendor of your dealership, who appears to be legitimate, asks your business to modify wireless payment instructions such as a different bank and routing number. If the request is completed by a member of your team, the hacker who impersonated your business’s vendor would then be the recipient of those funds, sometimes in the tens or hundreds of thousands of dollars, which may be unrecoverable in some instances.

This specific cyberattack has been an increasing trend during 2020, however you can reduce the likelihood and risk of these incidents by requiring a multi-step confirmation process. Before altering payment instructions, confirm the transaction through a known telephone number of your vendor—not the one listed in the email. If everything checks out, require dual signoffs to confirm each request is reviewed thoroughly. As with any significant change, two sets of eyes are better than one. If an impersonating attacker does access your dealership’s finances, insurance coverage may be available depending on your carrier.

The importance of device encryption

As a parting piece of advice, don’t underestimate the value of encrypting your email, devices, and disks. Unencrypted technology not only may allow an attacker to intercept and read your messages in plain text, but you won’t know how many places the data is stored, or even if it was intercepted.

Your encryption plan will mostly depend on your dealership’s size, budget, and technical needs, however the following checklist should help you get started:

  • Identify your sensitive data: Determine which data in your organization needs encrypting.
  • Determine your budget: Encryption products range from free open-source tools to paid solutions designed for large organizations.
  • Find a solution: Choose an encryption software that implements the Advanced Encryption Standard (AES) algorithm—the industry standard specified by the National Institute of Standards and Technology. All three AES standard key lengths provide robust, industry-standard encryption.
  • Configure email software: Set up your software to encrypt messages automatically. This way, employees won’t forget or skip encryption.
  • Encourage others: Work with external parties to set up compatible email encryption systems so you can send each other secure messages easily.
  • Enforce a password policy: Consider using long passwords—not just the 4-digit PINs or geometric patterns that are often the default on smartphones.
  • Train your employees: Teach them how encryption works, why it’s a critical component of your cybersecurity policy,

Data breaches and other malicious activities aren’t going away, but keeping your team prepared for the latest exposures can help lower your business’s risks. With the new year quickly approaching, consider reviewing your dealerships coverages to make sure you’re properly protected from a costly data breach. While this isn’t a comprehensive list, I hope it can serve as a starting point for your business.

For more information and recommendations, speak with your local experts, insurer or business’s attorney to make sure you’re covered.

Dan Zastava is the director of corporate underwriting and product development for Sentry Insurance a Mutual Company, which is headquartered in Stevens Point, Wisconsin. Visit sentry.com to learn about the insurance, retirement products and risk management solutions Sentry provides to motorsports dealers.

You May Also Like

Elevating Your Sales Game Through Parts Packaging

Breaking down the art and science of a well-designed, customer-focused, profit-friendly parts package.

Good parts managers are a rare breed. We are among the few who enjoy flipping through paper catalogs and covering them with notes. We love seeing how other companies merchandise shelves. We are always absorbing different sales techniques and wondering if we could use them too.

In that vein, when it comes to continuing to boost our numbers post-COVID, I have a few strategies for you to try. It might sound odd, but not everyone can remember that most winches need a winch mount. Or that certain winches require a hidden harness stored at the bottom of a book (hello, Can-Am). Or that Honda has split its winch harness between the winch and the mount. If you don't want service techs to hate you, you need to order both part numbers or else face their wrath.

Unleash Your Experts: How to Be a Long-Tail Resource for Powersports Enthusiasts

Closing deals and providing service are a dealer’s bread and butter, but your dealership has far more to offer.

dealership employees
Building a Growth Stategy With a Powersports Playbook

Success isn’t a fluke, and it’s not luck. It’s a strategy.

Fostering an F&I Culture That Sells

Dealership success hinges on the ability to cultivate a strong F&I culture.

Increasing Profits Through Accessorizing

Go out and find the units to dress up — there’s lots of extra profit to be made.

Other Posts

Segway Powersports and Octane Shift Gears With Strategic Financing Partnership

Effective, April 1, 2024, prime and non-prime consumers are eligible for financing on Segway’s entire range.

Octane, Segway Powersports
Octane Redefines Powersports Lending With Dealer Portal 2.0

Dealer partners can deliver an even faster, easier financing experience for their customers.

Dealer Portal 2.0
Synchrony Partners With BRP to Provide Retail Financing Options in the U.S.

Synchrony to offer consumers flexible financing on powersports products.

FIN Provides Realtime Tracking to Police, Recovers 2023 Kawasaki Motorcycle

After sitting for several hours in what appeared to the be the interior of a residential property, the motorcycle started moving.

Kawasaki KLX 250R